Certificate

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4XsQ_WB62ScAbGLONWkeuqjwGLU.cer
File:                     4XsQ_WB62ScAbGLONWkeuqjwGLU.cer (raw, json)
Hash identifier:          CfjuZucdSOX+db/jdnch1jSBy5CLRoDNq1io7FX1weA=
Subject key identifier:   E1:7B:10:FD:60:7A:D9:27:00:6C:62:CE:35:69:1E:BA:A8:F0:18:B5
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer:       /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial:       018CC3B7349C2D0D38CC4521263C433DC656
Authority info access:    rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest:                 rsync://rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/4XsQ_WB62ScAbGLONWkeuqjwGLU.mft
caRepository:             rsync://rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/
Notify URL:               https://rrdp.ripe.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 06:30:12 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 51968
                          IP: 46.23.128.0/20
                          IP: 2a10:2880::/32

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:b7:34:9c:2d:0d:38:cc:45:21:26:3c:43:3d:c6:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
        Validity
            Not Before: Jan  1 06:30:12 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e17b10fd607ad927006c62ce35691ebaa8f018b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:03:5f:0f:71:50:e6:a8:54:d9:2c:f9:46:1e:
                    43:ab:04:76:df:7c:cb:dd:26:8b:8f:e4:6b:70:71:
                    14:5d:9a:c5:da:a3:09:b8:2b:6f:9d:79:4f:09:6e:
                    2d:7c:e5:39:37:62:ea:56:e2:d9:d8:7b:e5:9b:67:
                    47:77:53:7b:ff:2f:30:8c:ad:07:0b:f9:10:2e:d2:
                    4b:cc:c7:d8:48:db:21:68:ad:bf:4e:82:b2:ed:96:
                    69:17:cf:cb:24:77:8e:44:e1:6b:e9:90:0f:07:f8:
                    79:0f:1c:7e:73:e9:eb:93:8d:e4:34:e4:1d:34:f7:
                    d9:98:12:55:d5:84:4c:97:bf:98:d9:da:ee:ff:d2:
                    f2:ee:68:54:d0:ec:2b:02:c6:f4:19:87:95:74:b1:
                    d1:14:da:8e:e3:a7:d7:6e:9b:ee:50:e7:2f:ed:30:
                    c4:ad:3c:e0:fe:54:6f:39:b6:63:63:81:0d:8c:e1:
                    13:ee:42:72:bb:0c:d1:30:48:15:6e:e1:22:5a:34:
                    0b:d8:94:4a:00:2a:fe:74:96:27:b3:9b:6a:c5:bf:
                    48:a7:d4:7e:9b:cc:28:65:2e:1f:ca:99:36:e4:ad:
                    8c:6a:61:51:68:4d:a6:7b:a8:a1:e2:fd:2d:78:71:
                    2a:11:83:d0:02:b6:05:40:2b:bf:a2:22:62:5d:14:
                    23:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:7B:10:FD:60:7A:D9:27:00:6C:62:CE:35:69:1E:BA:A8:F0:18:B5
            X509v3 Authority Key Identifier:
                keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

            Subject Information Access:
                CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/
                RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8432ed-2c97-41d3-926a-6a4d04ba5898/1/4XsQ_WB62ScAbGLONWkeuqjwGLU.mft
                RPKI Notify - URI:https://rrdp.ripe.net/notification.xml

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.23.128.0/20
                IPv6:
                  2a10:2880::/32

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  51968

    Signature Algorithm: sha256WithRSAEncryption
         52:09:f1:ef:7f:93:59:bf:74:15:e7:44:66:ff:ca:80:41:a4:
         8d:94:c7:83:82:1e:3a:cd:76:79:fe:19:bf:10:f4:a3:eb:d5:
         7e:e5:49:f1:e6:f3:f3:df:4c:e2:29:b6:72:73:1d:db:26:00:
         b7:d7:56:ad:bc:1b:c2:d5:2f:11:c4:17:41:f7:cd:2e:a7:ac:
         7c:98:32:2c:14:96:de:c0:a4:b4:63:8c:c4:7d:12:e9:14:1f:
         de:46:56:a5:ec:9a:e1:3e:d2:b9:fe:0b:68:00:0c:5a:3c:76:
         17:83:33:2a:7f:03:78:a1:4a:0a:5d:fe:f5:38:a4:7c:42:84:
         17:a7:19:90:b9:0c:16:e7:59:bc:71:29:fb:dc:8d:ef:08:d5:
         04:49:b2:8f:df:43:94:22:65:12:da:12:9d:59:2d:bc:1a:17:
         13:f9:4f:d1:00:a2:0a:61:fd:94:33:04:69:4b:9a:9e:c7:63:
         a4:21:a7:18:9f:22:15:fa:87:30:f8:92:12:76:69:89:ba:cc:
         57:c9:40:1b:e8:13:35:87:ba:0d:dc:c6:1f:5e:a6:88:24:ad:
         18:30:62:90:c9:b9:ff:46:54:00:f5:7f:3a:09:1f:32:99:ad:
         07:83:89:4b:8b:10:61:c8:66:b8:d2:15:3d:29:d2:8e:b6:f4:
         37:06:d0:cd
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzDtzScLQ04zEUhJjxDPcZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdiMTBmZDYwN2FkOTI3MDA2YzYyY2UzNTY5MWViYWE4ZjAxOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwNfD3FQ5qhU2Sz5Rh5DqwR233zL
3SaLj+RrcHEUXZrF2qMJuCtvnXlPCW4tfOU5N2LqVuLZ2Hvlm2dHd1N7/y8wjK0H
C/kQLtJLzMfYSNshaK2/ToKy7ZZpF8/LJHeOROFr6ZAPB/h5Dxx+c+nrk43kNOQd
NPfZmBJV1YRMl7+Y2dru/9Ly7mhU0OwrAsb0GYeVdLHRFNqO46fXbpvuUOcv7TDE
rTzg/lRvObZjY4ENjOET7kJyuwzRMEgVbuEiWjQL2JRKACr+dJYns5tqxb9Ip9R+
m8woZS4fypk25K2MamFRaE2me6ih4v0teHEqEYPQArYFQCu/oiJiXRQjjQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOF7EP1getknAGxizjVpHrqo8Bi1MB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyLzg0MzJl
ZC0yYzk3LTQxZDMtOTI2YS02YTRkMDRiYTU4OTgvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIvODQzMmVk
LTJjOTctNDFkMy05MjZhLTZhNGQwNGJhNTg5OC8xLzRYc1FfV0I2MlNjQWJHTE9O
V2tldXFqd0dMVS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUF
BwEHAQH/BB8wHTAMBAIAATAGAwQELheAMA0EAgACMAcDBQAqECiAMBoGCCsGAQUF
BwEIAQH/BAswCaAHMAUCAwDLADANBgkqhkiG9w0BAQsFAAOCAQEAUgnx73+TWb90
FedEZv/KgEGkjZTHg4IeOs12ef4ZvxD0o+vVfuVJ8ebz899M4im2cnMd2yYAt9dW
rbwbwtUvEcQXQffNLqesfJgyLBSW3sCktGOMxH0S6RQf3kZWpeya4T7Suf4LaAAM
Wjx2F4MzKn8DeKFKCl3+9TikfEKEF6cZkLkMFudZvHEp+9yN7wjVBEmyj99DlCJl
EtoSnVktvBoXE/lP0QCiCmH9lDMEaUuansdjpCGnGJ8iFfqHMPiSEnZpibrMV8lA
G+gTNYe6DdzGH16miCStGDBikMm5/0ZUAPV/OgkfMpmtB4OJS4sQYchmuNIVPSnS
jrb0NwbQzQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:20:11 2024 by rpki-client on console-ams.rpki-client.org